<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>RHEL 7 Security Audit Report</title>
    <style>
        body {
            font-family: 'Segoe UI', system-ui, sans-serif;
            color: #2D3748;
            background: #F8FAFC;
            margin: 0;
            padding: 2rem;
            min-height: 100vh;
        }
        h1 {
            text-align: center;
            margin: 2rem 0;
            font-size: 2.2rem;
            color: #1A365D;
            letter-spacing: -0.03em;
            text-shadow: 0 2px 4px rgba(0,0,0,0.05);
        }
        table {
            width: 90%;
            margin: 0 auto;
            border-collapse: separate;
            border-spacing: 0;
            background: white;
            border-radius: 12px;
            overflow: hidden;
            box-shadow: 0 8px 24px -6px rgba(0,73,144,0.12);
        }
        th {
            background: linear-gradient(135deg, #4299E1 0%, #3182CE 100%);
            color: white;
            padding: 1.1rem;
            font-weight: 600;
            font-size: 1.05rem;
            text-transform: uppercase;
            letter-spacing: 0.03em;
        }
        td {
            padding: 1rem 1.2rem;
            border-bottom: 1px solid #EDF2F7;
            transition: background 0.2s ease;
        }
        tr:nth-child(even) {
            background-color: #F7FAFC;
        }
        tr:last-child td {
            border-bottom: none;
        }
        tr:hover td {
            background: #EBF8FF;
        }
        .audit-item {
            color: #4A5568;
            font-weight: 500;
            font-size: 1rem;
        }
        .audit-result {
            font-weight: 600;
            font-size: 0.95rem;
            position: relative;
            padding-left: 24px;
        }
        .audit-result:before {
            content: "";
            position: absolute;
            left: 0;
            top: 50%;
            transform: translateY(-50%);
            width: 16px;
            height: 16px;
            border-radius: 50%;
            background: currentColor;
            opacity: 0.1;
        }
        .audit-result.fail {
            color: #E53E3E;  /* Modern red */
        }
        .audit-result:not(.fail) {
            color: #38A169;  /* Deep green */
        }
    </style>
</head>
<body>
    <h1>RHEL 安全审计报告</h1>
    <table>
        <tr>
            <th>审计项目</th>
            <th>审计结果</th>
        </tr>
        <tr>
            <td class="audit-item">IP地址</td>
            <td class="audit-result">{{ audit_results.ip }}</td>
        </tr>
        <tr>
            <td class="audit-item">主机名</td>
            <td class="audit-result">{{ audit_results.hostname }}</td>
        </tr>
        <tr>
            <td class="audit-item">Root登录</td>
            <td class="audit-result {% if audit_results.root_login == 'enabled (issue)' %}fail{% endif %}">{{ audit_results.root_login }}</td>
        </tr>
        <tr>
            <td class="audit-item">密码策略</td>
            <td class="audit-result {% if 'not configured' in audit_results.password_policy %}fail{% endif %}">{{ audit_results.password_policy }}</td>
        </tr>
        <tr>
            <td class="audit-item">系统日志状态</td>
            <td class="audit-result {% if audit_results.syslog == 'not running (issue)' %}fail{% endif %}">{{ audit_results.syslog }}</td>
        </tr>
        <tr>
            <td class="audit-item">防火墙状态</td>
            <td class="audit-result {% if audit_results.firewall == 'not enabled (issue)' %}fail{% endif %}">{{ audit_results.firewall }}</td>
        </tr>
        <tr>
            <td class="audit-item">文件权限</td>
            <td class="audit-result {% if 'incorrect' in audit_results.passwd_permissions %}fail{% endif %}">{{ audit_results.passwd_permissions }}</td>
        </tr>
        <tr>
            <td class="audit-item">SELinux状态</td>
            <td class="audit-result {% if audit_results.selinux == 'not enabled (issue)' %}fail{% endif %}">{{ audit_results.selinux }}</td>
        </tr>
        <tr>
            <td class="audit-item">SSH密钥认证</td>
            <td class="audit-result {% if audit_results.ssh_pubkey_auth == 'not enabled (issue)' %}fail{% endif %}">{{ audit_results.ssh_pubkey_auth }}</td>
        </tr>
    </table>
</body>
</html>
